These API keys were acquired by attackers when they downloaded a set of private NPM repositories using stolen OAuth token. The NPM is a tool used to download or publish node packages via the npm ...

PALO ALTO, Calif., April 25, 2024 -- Salt Security today announced the release of its new multi-layered OAuth protection package to detect attempts to exploit OAuth and proactively fix ...

Salt Security has revealed research unveiling critical API security vulnerabilities in the OAuth protocol implementations of popular online platforms like Grammarly, Vidio and Bukalapak. These ...

API Security White Paper. According to Gartner, APIs will be the most common attack vector by 2021. Unfortunately, we’re already seeing the leading edge of that as the sheer volume of business ...

The security lapses involved the access token verification step, a crucial component of the OAuth procedure. The researchers demonstrate a technique dubbed a “Pass-The-Token Attack.” ...

A travel service, integrated into many airline service providers, carried a security flaw This could be abused to log into people's accounts and change their bookings It has since been reported ...

Before showing the OAuth app dialog, Microsoft will first ask the user to login to their Office 365 account using their normal login credentials.

GitHub has shared a timeline of this month's security breach when a threat actor gained access to and stole ... The attacker authenticated to the GitHub API using the stolen OAuth tokens issued to ...

Security flaw in Booking.com OAuth implementation could be used to launch account takeovers, but researchers discovered and flagged the issue before it could be exploited in the wild ...

This informative whitepaper describes what OAuth is and how it fits into a complete API security solution. Read now to understand the complexity of implementing OAuth, and how you can make an ...